14 October 2015

Let me give you some background on the problem that I had. I have several users who use an application that does not work on Windows 7, so I had to load Windows XP Mode on their machines to allow them to access the software. The software in question uses a trusted connection to connect to a database server, so the users have to log on to the Windows XP Mode VM with their Active Directory credentials. This works pretty well up until the point that the user has to change their AD password. The Windows XP Mode VM never actually shuts down after the application is used. It goes into hibernate / suspended mode, so the user's old credentials are still cached on the VM and the connection to the DB server fails.

The way to resolve this is to reboot the VM, but this is a huge pain in the butt when you have to get VNC access to a machine and run through the whole process of launching the VM and restarting it, so I made some scripts to make my life a bit easier.

Please note that you require administrator privileges on the remote system in order to execute these scripts. You could modify them to include username and password if required. The virtual machine also needs to be running, so ask the user to open the app that is giving them issues and execute the deploy script. The user can then go to C:\scripts and run the restart-vm.bat file to restart the VM on their machine. This saves me a ton of time and I hope you find it useful.

Scripts list:

restart-vm.ps1

PowerShell script that restarts the virtual machine.

restart-vm.bat

Batch script to execute the PowerShell script.

deploy-restart-vm.bat

Script copies the files to the remote system C:\Scripts directory. Allows input of host name.

I have multiple MS SQL Express servers that I need to manage and back up, and I have found that the backups can get quite large, so I looked into methods of compressing the backups. I found that there is a built-in method in SQL Server, but this is only for a licensed copy of SQL Server, not for the Express edition. So being the hacker that I am, I decided to do it myself with some scripting and 7-Zip.

It sounds simple, right? Well, it can be a bit difficult to tie it all together, so here are some scripts that I have used to achieve this.

Create backup device

Open SQL server management studio

Expand Server Objects

Right Click Backup Devices

Click new backup device

Give the device a name (you need this for the batch script so try excluding spaces) and give it a backup path. I prefer using another disk and a simple path, something like D:\backups\db-backup.bak

Backup Database Script

The backup batch script should look something like below. Just substitute databasename with the name of the database you are backing up and backup-location with the name of the backup device you specified above.
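One way to tie the backup device and 7-Zip together, as an added example (not the author's original script, which is not reproduced on this page). The instance name, the 7-Zip install path and the archive directory are assumptions, and sqlcmd is assumed to be on the PATH; databasename, backup-location and D:\backups\db-backup.bak are the placeholders used above.

```bat
@echo off
setlocal
rem Added example. Every value in this block is a placeholder or an assumption.
set "SQLINSTANCE=.\SQLEXPRESS"
set "DBNAME=databasename"
set "DEVICE=backup-location"
set "BAKFILE=D:\backups\db-backup.bak"
set "ARCHIVEDIR=D:\backups\archive"
set "SEVENZIP=C:\Program Files\7-Zip\7z.exe"

rem Locale-independent timestamp for the archive name.
for /f %%i in ('powershell -NoProfile -Command "Get-Date -Format yyyyMMdd-HHmmss"') do set "STAMP=%%i"

rem The archive holds the full database contents, so keep this directory
rem readable only by the accounts that need to restore from it.
if not exist "%ARCHIVEDIR%" mkdir "%ARCHIVEDIR%"

rem -E uses a trusted (Windows) connection, -b makes sqlcmd return a non-zero
rem exit code on error. WITH INIT overwrites the previous backup set on the
rem device; CHECKSUM makes the backup fail on damaged pages.
sqlcmd -S "%SQLINSTANCE%" -E -b -Q "BACKUP DATABASE [%DBNAME%] TO [%DEVICE%] WITH INIT, CHECKSUM"
if errorlevel 1 (
    echo Backup of %DBNAME% failed. 1>&2
    exit /b 1
)

rem Compress the .bak into a timestamped 7z archive.
"%SEVENZIP%" a -t7z -mx=5 "%ARCHIVEDIR%\%DBNAME%-%STAMP%.7z" "%BAKFILE%"
if errorlevel 1 (
    echo Compression failed, leaving %BAKFILE% in place. 1>&2
    exit /b 2
)

rem Test the archive before removing the uncompressed copy.
"%SEVENZIP%" t "%ARCHIVEDIR%\%DBNAME%-%STAMP%.7z"
if errorlevel 1 (
    echo Archive test failed, leaving %BAKFILE% in place. 1>&2
    exit /b 3
)

del "%BAKFILE%"
endlocal
```

The distinct exit codes let a scheduled task tell a failed backup from a failed compression step.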

05 October 2015

PsTools is one of the most useful suites of applications out there for a network administrator. The toolkit consists of several command-line applications that allow you to perform remote administrative functions such as interrogating processes and services. Below is a list of my favorite tools and how I use them on a daily basis. Please note that you require administrative privileges on the remote system to be able to use these tools.

pslist

pslist allows you to get a list of the running processes on a remote system. I use this to see if users are running a particular process that I want to kill on their machine or not. It can be useful to troubleshoot certain issues or just determine if a user is running a specific application on their machine.

pslist examples

Get a list of all the processes on the machine:

pslist \\computername

Get a list of all the processes starting with i:

pslist \\computername i

pskill

pskill allows you to kill a process on a remote machine. This is particularly useful if you have a user who is running an application that they shouldn't and you want to shut it down remotely without them noticing it was you, or if there is a non-responsive app on a remote computer. For instance, I have found that Adobe Acrobat Reader often leaves instances running in the background, which consume user resources.

pskill examples

Kill iTunes on the remote computer

pskill \\computername itunes.exe

psexec

psexec allows you to remotely execute an application on a machine. This is useful to run remote scripted installs.

psexec examples

Open notepad on the remote computer (may not be visible to logged on user)

psexec \\computername notepad.exe

Copy the batch file to the remote computer and execute it. Batch file will map a network drive and call an installer.

psexec \\computername -C remote_install.bat

psloggedon

psloggedon gives you a list of all the users logged on to a remote computer. This is a great way to tell who is logged on to a machine so you can phone them up and ask them why they are running a game you just noticed using pslist.